Designing circuit boards for high speed applications requires special considerations. This you already know, but what exactly do you need to do differently from common board layout? Building on where I left off discussing impedance in 2 layer Printed Circuit Board (PCB) designs, I wanted to start talking about high speed design techniques as they relate to PCBs. This is the world of multi-layer PCBs and where the impedance of both the Power Delivery Network (PDN) and the integrity of the signals themselves (Signal Integrity or SI) become very important factors.

In recent months, the ability to hide components inside a circuit board has become an item of interest. We could trace this to the burgeoning badgelife movement, where engineers create beautiful works of electronic art. We can also attribute this interest to Bloomberg’s Big Hack, where Jordan Robertson and Michael Riley asserted Apple was the target of Chinese spying using components embedded inside a motherboard. The Big Hack story had legs, but so far no evidence of this hack’s existence has come to light, and the companies and governments involved have all issued denials that anything like this exists. …read more

I recently came across the most peculiar way to make a color CRT monitor. More than a few oscilloscopes have found their way on to my bench over the years, but I was particularly struck with a find from eBay. A quick look at the display reveals something a little alien. The sharpness is fantastic: each pixel is a perfect, uniform-colored little dot, a feat unequaled even by today’s best LCDs. The designers seem to have chosen a somewhat odd set of pastels for the UI though, and if you move your head just right, you can catch flashes of …read more

On the outside chance that we ever encounter a space probe from an alien civilization, the degree to which the world will change cannot be overestimated. Not only will it prove that we’re not alone, or more likely weren’t, depending on how long said probe has been traveling through space, but we’ll have a bonanza of super-cool new technology to analyze. Just think of the fancy alloys, the advanced biomimetic thingamajigs, the poly-godknowswhat composites. We’ll take a huge leap forward by mimicking the alien technology; the mind boggles.

Sadly, we won’t be returning the favor. If aliens ever snag one …read more

As you’re no doubt aware, humans are a rather noisy species. Not just audibly, like in the case of somebody talking loudly when you’re in a movie theater, but also electromagnetically. All of our wireless transmissions since Marconi made his first spark gap broadcast in 1895 have radiated out into space, and anyone who’s got a sensitive enough ear pointed into our little corner of the Milky Way should have no trouble hearing us. Even if these extraterrestrial eavesdroppers wouldn’t be able to understand the content of our transmissions, the sheer volume of them would be enough to indicate that …read more

Translating rotary motion to linear motion is a basic part of mechatronic design. Take a look at the nearest 3D-printer or CNC router — at least the Cartesian variety — and you’ll see some mechanism that converts the rotation of the motor shafts into the smooth linear motion needed for each axis.

Hobby-grade machines are as likely as not to use pulleys and timing belts to achieve this translation, and that generally meets the needs of the machine. But in some machines, the stretchiness of a belt won’t cut it, and the designer may turn to some variety of …read more

When I started working in a video production house in the early 1980s, it quickly became apparent that there was a lot of snobbery in terms of equipment. These were the days when the home video market was taking off; the Format War had been fought and won by VHS, and consumer-grade VCRs were flying off the shelves and into living rooms. Most of that gear was cheap stuff, built to a price point and destined to fail sooner rather than later, like most consumer gear. In our shop, surrounded by our Ikegami cameras and Sony 3/4″ tape decks, we …read more

Everyone’s heard of the “black box”. Officially known as the Flight Data Recorder (FDR), it’s a mandatory piece of equipment on commercial aircraft. The FDR is instrumental in investigating incidents or crashes, and is specifically designed to survive should the aircraft be destroyed. The search for the so-called “black box” often dominates the news cycle after the loss of a commercial aircraft; as finding it will almost certainly be necessary to determine the true cause of the accident. What you probably haven’t heard of is a Quick Access Recorder (QAR).

How does a design go from the computer screen to something you hold in your hand? Not being able to fully answer this question is a huge risk in manufacturing because . One of the important tools engineers use to ensure success is Geometric Dimensioning and Tolerancing (GD&T).

A good technical drawing is essential for communicating your mechanical part designs to a manufacturer. Drafting, as a professional discipline, is all about creating technical drawings that are as unambiguous as possible, and that means defining features explicitly. The most basic implementation of that concept is dimensioning, where you state the distance …read more

They adorn the ends of Cat5 network patch cables and the flat satin cables that come with all-in-one printers that we generally either toss in the scrap bin or throw away altogether. The blocky rectangular plugs, molded of clear plastic and holding gold-plated contacts, are known broadly as modular connectors. They and their socket counterparts have become ubiquitous components of the connected world over the last half-century or so, and unsurprisingly they had their start where so many other innovations began: from the need to manage the growth of the telephone network and reduce costs. Here’s how the modular connector …read more

One evening quite a few years ago, as I was driving through my hometown I saw the telltale flashing lights of the local volunteer fire department ahead. I passed by a side road where all the activity was: a utility pole on fire. I could see smoke and flames shooting from the transformer and I could hear the loud, angry 60 Hz buzzing that sounded like a million hornet nests. As I passed, the transformer exploded and released a cloud of flaming liquid that rained down on the road and lawns underneath. It seemed like a good time to quit …read more

Unless you’ve spent some time in the industrial electrical field, you might be surprised at the degree of integration involved in the various control panels needed to run factories and the like. Look inside any cabinet almost anywhere in the world, and you’ll be greeted by rows of neat plastic terminal blocks, circuit breakers, signal conditioners, and all manner of computing hardware from programmable logic controllers right on to Raspberry Pis and Arduinos.

A well-crafted industrial control panel can truly be a thing of beauty. But behind all the electrical bits in the cabinet, underneath all the neatly routed and …read more

Over the past few decades, numerous space probes sent to the far-flung reaches of the Solar System have fallen silent. These failures weren’t due to communications problems, probes flying into scientifically implausible anomalies, or little green men snatching up the robotic scouts we’ve sent out into the Solar System. No, these space probes have failed simply because engineers on Earth can’t point them. If you lose attitude control, you lose the ability to point a transmitter at Earth. If you’re managing a space telescope, losing the ability to point a spacecraft turns a valuable piece of scientific equipment into a …read more

There is one thing that unites almost every computer and logic circuit commonly used in the hardware hacking and experimentation arena. No matter what its age, speed, or internal configuration, electronics speak to the world through logic level I/O. A single conductor which is switched between voltage levels to denote a logic 1 or logic zero. This is an interface standard that has survived the decades from the earliest integrated circuit logic output of the 1960s to the latest microcontroller GPIO in 2018.

The effect of this tried and true arrangement is that we can take a 7400 series I/O …read more

If you want to have your part designs fabricated, you’re going to need to provide the manufacturer with a technical drawing. Yes, 3D printers and many modern machine tools rely on toolpaths created from 3D models. But, there is a good chance the manufacturer will be recreating the 3D model in their own system, instead of using the one you provided. Or, they may use traditional manual machining and not touch a 3D model at all. More importantly, the technical drawing gives them vital information on how closely they need to adhere to your dimensions in order for you to …read more

Temperature is one of the most frequently measured physical quantities, and features prominently in many of our projects, from weather stations to 3D printers. Most commonly we’ll see thermistors, thermocouples, infrared sensors, or a dedicated IC used to measure temperature. It’s even possible to use only an ordinary diode, leading to some interesting techniques.

Often we only need to know the temperature within a degree Celsius or two, and any of these tools are fine. Until fairly recently, when we needed to know the temperature precisely, reliably, and over a wide range we used mercury thermometers. The devices themselves were …read more

When you first learn about digital logic, it probably seems like it is easy. You learn about AND and OR gates and figure that’s not very hard. However, going from a few basic gates to something like a CPU or another complex system is a whole different story. It is like going from “Hello World!” to writing an operating system. There’s a lot to understand before you can make that leap. In this set of articles, I want to talk about a way to organize more complex FPGA designs like CPUs using a technique called pipelining.

Have you ever torn open an Ethernet jack? We’d bet the vast majority of readers — even the ones elbow-deep into the hardware world — will answer no. So we applaud the effort in this one, but the conclusion landed way off the mark.

In the last few days, a Tweet showing a Raspberry Pi with its Ethernet socket broken open suggested the little PCB inside it is a hidden bug. With more going on inside than one might expect, the conclusion of the person doing the teardown was that the Raspberry Pi foundation are spying upon us through our …read more

If the heady early days of space exploration taught us anything, it was how much we just didn’t know. Failure after failure mounted, often dramatic and expensive and sometimes deadly. Launch vehicles exploded, satellites failed to deploy, or some widget decided to give up the ghost at a crucial time, blinding a multi-million dollar probe and ending a mission long before any useful science was done. For the United States, with a deadline to meet for manned missions to the moon, every failure in the late 1950s and early 1960s was valuable, though, at least to the extent that it …read more

Since humans first started playing with electricity, we’ve proven ourselves pretty clever at finding ways to harness that power and turn it into motion. Electric motors of every type move the world, but they are far from the only way to put electricity into motion. When you want continuous rotation, a motor is the way to go. But for simpler on and off applications, where fine control of position is not critical, a solenoid is more like what you need. These electromagnetic devices are found everywhere and they’re next in our series on useful mechanisms.

Last time we looked at Spice models of a current sink. We didn’t look at some of the problems involved with a simple sink, and for many practical applications, they are perfectly adequate. However, you’ll often see more devices used to improve the characteristics of the current sink or source. In particular, a common design is a current mirror which copies a current from one device to another. Usually, the device that sets the current is in a configuration that makes it very stable while the other device handles the load current.

Right now, if you happen to be in North America, chances are pretty good that there’s at least one little face staring at you. Look around and you’ll spy it, probably about 15 inches up from the floor on a nearby wall. It’s the ubiquitous wall outlet, with three holes arranged in a way that can’t help but stimulate the facial recognition firmware of our mammalian brain.

No matter where you go you’ll find those outlets and similar ones, all engineered for specific tasks. But why do they look the way they do? And what’s going on electrically and mechanically …read more

For as busy as things can get at the grocery store on a typical afternoon just before the dinner hour, at least the modern experience has one thing going for it: it’s relatively quiet. Aside from the mumbled greetings and “Paper or plastic?” questions from the cashier, and the occasional screaming baby in the next aisle, the only sound you tend to hear is the beeping of the barcode scanner as your purchase is tallied up.

Jump back just 40 years and the same scene was raucous, with cashiers reading price tags and pounding numbers into behemoth electromechanical cash registers. …read more

Our bodies are not like LEGO blocks or computers because we cannot swap out our parts in the living room while watching television. Organ transplants and cosmetic surgery are currently our options for upgrades, repairs, and augments, but post-transplant therapy can be a lifelong commitment because of rejection. Elective surgery costs more than a NIB Millennium Falcon LEGO set. Laboratories have been improving the processes and associated treatments for decades but experimental labs and even home laboratories are getting in on the action as some creative minds take the stage. These folks aren’t performing surgeries, but they are expanding what …read more

It’s time once again to see how those tax dollars are spent, this time in the form of a “Data Entry Keyboard” manufactured by Hughes Helicopters. This device was built circa 1986 or so, and was used in the AH-64A Apache. Specifically, this panel would have been located by the gunner’s left knee, and served as a general purpose input device for the Apache’s Fire Control System. Eventually the Apache was upgraded with a so-called “glass cockpit”; consolidating various vehicle functions into a handful of multi-purpose digital displays. As such, this particular device became obsolete and was pulled from the …read more

Levers are literally all around us. Your body uses them to move, pick up a pen to sign your name and you’ll use mechanical advantage to make that ballpoint roll, and that can of soda doesn’t open without a cleverly designed lever.

I got onto this topic quite by accident. I was making an ornithopter and it was having trouble lifting its wings. For the uninitiated, ornithopters are machines which fly by flapping their wings. The problem was that the lever arm was too short. To be honest, as I worked I wasn’t even thinking in terms of levers, and …read more

Early airborne combat was more like a drive-by shooting as pilots used handheld firearms to fire upon other aircraft. Whoever could boost firepower and accuracy would have the upper hand and so machine guns were added to planes. But it certainly wasn’t as simple as just bolting one to the chassis.

This was during World War I which spanned 1914 to 1918 and the controllable airplane had been invented a mere eleven years before. Most airplanes still used wooden frames, fabric-covered wings, and external cable bracing. The engineers became pretty inventive, even finding ways to fire bullets through the path …read more

Lathes are complicated machines, and buying one requires weighing a lot of options. We’ve already talked about buying new Asian, or old American machines (with apologies to the Germans, British, Swiss, and all the other fine 20th century machine-tool-making countries). We also talked about bed length and swing, and you ain’t got nothin’ if you ain’t got that swing. Let’s talk about the feature set now. If you’re buying new, you’ll shop on these details. If you’re buying used, knowing the differences will help you pick a good project machine.

As a species, we’ve done a pretty good job at inventing some useful devices. But as clever as we think we are, given sufficient time, natural selection will beat us at our game at almost every turn. So it makes sense that many of our best inventions are inspired by nature and the myriad ways life finds to get DNA from one generation to the next.

Velcro is one such design cribbed from nature, and the story behind this useful mechanism is a perfect example that a prepared mind, good observation skills, and a heck of a lot of perseverance …read more

In July 1940 the German air force began bombing Britain. This was met with polite disagreement on the British side — and with high technology, ingenuity, and improvisation. The defeat of the Germans is associated with anti-aircraft guns and fighter planes, but a significant amount of potential damage had been averted by the use of radio.

Night bombing was a relatively new idea at that time and everybody agreed that it was hard. Navigating a plane in the dark while travelling at two hundred miles per hour and possibly being shot at just wasn’t effective with traditional means. So the Germans …read more

When they need to add temperature control to a project, many hackers reach for a K-type thermocouple for their high-temperature needs, or an integrated temperature-sensing IC when it doesn’t get that hot. The thermocouple relies on very small currents and extremely high gain, and you pretty much need a dedicated IC to read it, which can be expensive. The ICs aren’t as expensive, but they’re basically limited to boiling water. What do you do if you want to control a reflow oven?

There’s a cheaper way that spans a range between Antarctic winter and molten solder, and you’ve probably already …read more

We recently posted about a spectacular 3D-printer fire that was thankfully caught and extinguished before spreading to the hacker’s house or injuring his family. Analyzing the remains of the printer, the hacker determined that the fire was caused when a loose grub screw let the extruder’s heater cartridge fall out and touch the ABS fan shroud. It ran full-on and set things on fire.

A number of us have similar 3D printers, so the comments for this article were understandably lively, but one comment stood out by listing a number of best practices for wiring, including the use of ferrules. …read more

I was splitting wood one day a few years back, getting next winter’s firewood ready on my hydraulic splitter. It normally handled my ash and oak with ease, but I had a particularly gnarly piece of birch queued up, and the splitter was struggling. The 20-ton cylinder slowed as the wedge jammed in the twisted grain, the engine started to bog down, then BANG! I jumped back as something gave way and the engine revved out of control; I figured a hydraulic hose gave out. Whatever it was, I was done for the day.

On a balmy September evening in 1998, Swissair flight 111 was in big trouble. A fire in the cockpit ceiling had at first blinded the pilots with smoke, leaving them to rely on instruments to divert the plane, en route from New York to Geneva, to an emergency landing at Halifax Airport in the Canadian province of Nova Scotia. But the fire raging above and behind the pilots, intense enough to melt the aluminum of the flight deck, consumed wiring harness after wiring harness, cutting power to vital flight control systems. With no way to control the plane, the MD-11 …read more

If you’re interested in 3D printing or CNC milling — or really any kind of fabrication — then duplicating or interfacing with an existing part is probably on your to-do list. The ability to print replacement parts when something breaks is often one of the top selling points of 3D printing. Want some proof? Just take a look at what people made for our Repairs You Can Print contest.

Of course, to do that you need to be able to make an accurate 3D model of the replacement part. That’s fairly straightforward if the part has simple geometry made up …read more

Building a robot that can do anything well is a tough challenge. Building one that can stand up to another robot trying to violently put it out of commission is an even harder task. But it makes for some entertaining television! It is this combination that thrust a few creative robot building teams into the world of Robot Wars.

SMIDSY, short for the insubstantial excuse heard by many a motorcyclist “Sorry Mate, I Didn’t See You”, is a robot that competed in several seasons of the British incarnation of the Robot Wars TV show. It wasn’t the most successful …read more

Zip ties, Ty-Raps, cable ties; call them what you will, but it’s hard to imagine doing without these ubiquitous and useful devices. Along with duct tape and hot glue, they’re part of the triumvirate of fasteners used to solve nasty problems quickly and cheaply. They’re next up on the list of mechanisms we find fascinating, and as it turns out, there’s more to these devices than meets the eye.

The Well-Dressed Wiring Harness

Like so many products that we take for granted today, the cable tie was invented to solve problems in the aerospace industry. In the prewar years, airplanes …read more

Even before the Industrial Revolution, gears of one kind or another have been put to work both for and against us. From ancient water wheels and windmills that ground grain and pounded flax, to the drive trains that power machines of war from siege engines to main battle tanks, gears have been essential parts of almost every mechanical device ever built. The next installment of our series on Mechanisms will take a brief look at gears and their applications.

Spurring Progress Along

As is often the case, evolution is the best inventor, and a geared mechanism linking the rear legs …read more

Hackaday readers are well aware of the problems caused by materials left exposed to the environment over time, whether that be oxidized contact pads on circuit boards or plastics made brittle from long exposure to the sun’s UV rays.

Now consider the perils faced by materials on the International Space Station (ISS), launched beginning in 1998 and planned to be used until 2028. That’s a total of 30 years in an environment of unfiltered sunlight, extreme temperatures, micrometeoroids, and even problems caused by oxygen. What about the exposure faced by the newly launched Tesla Roadster, an entirely non-space hardened vehicle …read more

Here’s one for the ladies (and men, we guess) out there. [Beth] recently bought a LELO Lyla vibrator for herself, but found operating this wireless vibrator to be an exercise in mood-killing awkwardness. Wanting a more natural interface, she decided to reverse engineer a remote control vibrator. Here’s a cache; [Beth]’s blog has been up and down all [...]

Authors: Joe Grand
Tags: hardware hacking
Event: Black Hat DC 2011
Abstract: Electronics are embedded into nearly everything we use. Hardware products are being relied on for security-related applications and are inherently trusted, though many are completely susceptible to compromise. In this workshop, Joe will discuss the hardware hacking and reverse engineering processes, and then provide an open lab environment for you to probe, analyze, and hack. Joe will bring a variety of products to tinker with, though attendees are heavily encouraged to bring their own pieces of hardware to explore. Basic tools and electronics test/measurement equipment will be provided. You'll leave the workshop with new skills, ideas for further attacks, and maybe even some defeated hardware.

We see a lot of microcontroller based hacks around here, and it’s not hard to see why learning how to use microcontrollers is valuable to a prospective engineer. Unfortunately, microcontroller courses are dreaded by students since they focus on theory instead of application. In The First Lecture, [Colin] talks to a class of engineering students about [...]

Reversing complex software quickly is challenging due to the lack of professional tools that support collaborative analysis. The CrowdRE project aims to fill this gap. Rather than using a live distribution of changes to all clients, which has proven to fail in the past, it leverages from the architecture that is being used with success [...]

Authors: David Gustin
Tags: hardware hacking
Event: Chaos Communication Camp 2007
Abstract: How to build your own lab in your basement for engineering and reverse-engineering on a budget. Demystifying modern System On a Chip (SOC) Micro-Controllers for early hardware prototyping and software development. Practical reverse engineering; using your verification tools to reverse engineer and modify systems without source code. A presentation on getting started with embedded engineering. There is a lot to be said about the work area required for embedded engineering, what tools you will need and how to use them to accomplish useful tasks. An overview of hardware and software necessary to develop or reverse engineer embedded devices. As you will learn in this talk the tools are the same for both tasks. When you begin an embedded project of your own, what chips do you want to use? How do you go about prototyping your hardware? What methods should be considered before designing the system. Is your task better suited to multiple microcontrollers? Once you start writing code, how do you test it? Will your method of loading a binary into your final hardware differ? Do you need to write a bootloader? All these questions need to have answers to tackle an embedded project, we will be showing a variety of methods to solve these common questions. When reverse engineering a device, you need to figure out how it was put together. You need to get into the designer's head and figure out what methods were used to create the device. As you begin to answer these questions you can slowly unravel the device's secrets. We will show some techniques for reverse engineering embedded electronics and firmware and present a plethora of resources to start you off on your own journeys into this field.

Authors: Alan Bradley
Tags: reverse engineering, rootkit
Event: Chaos Communication Congress 23rd (23C3) 2006
Abstract: This talk will cover two rootkits used as reverse engineering tools, one rootkit support library, one IDA plugin, and talk setup material. The talk itself will be given over VOIP and VNC running over the Tor network to demonstrate a proof of concept on anonymous public speech. This talk will present Tron, an extension of the Shadow Walker memory cloaker technique. Tron is a kernel driver that can cloak userland memory, and provides an API that allows the user to cloak arbitrary process memory, set permissions, signal changes of trust, conceal DLLs, and read/write hidden memory. An accompanying IDA plugin that uses this API to conceal software breakpoints will be discussed, and Another Debugger Hiding Driver, or ADHD, will be presented as well. While these tools have many legitimate uses from malware analysis to legal reverse engineering and program modding, it is possible that Tron in particular can be used as a component of a "copyright circumvention device", which renders it prohibited by the USA DMCA. For this reason, but more so out of a desire to demonstrate a "proof of concept" for how to anonymously speak publicly, the speaker will be giving the talk over VOIP and VNC relayed through the Tor network. In addition to taking questions over VOIP, the speaker will also be briefly available on IRC afterwards for questions + discussion about Tron, reverse engineering, and the speech setup.

Tags: reverse engineering, embedded
Event: Chaos Communication Congress 24th (24C3) 2007
Abstract: The event aims at reverse engineering small boxes you can buy at your local Saturn or Media Market like SOHO Routers. It will be presented what you can do to get access on a box. This lecture includes firmware reversing as well as opening the box, voiding the warranty and seeing what you can do.

We’re big fans of [Bill Hammack], aka the Engineer Guy. His series of engineering videos dredge up pleasant memories of watching Mr. Wizard but spin to the adult science enthusiast. The most recent season (he calls it series #4) scratches the surface of the topics covered in his book Eight Amazing Engineering Stories, which was written [...]

[John McMaster] is doing some pretty amazing work with figuring out how the circuitry in an integrated circuit works. Right now he’s reverse engineering a serial EEPROM chip one section at a time. This is a 24c02 made by ST, and he chose this particular portion of the die to examine because it looked like [...]

Authors: Drew Endy
Tags: DNA
Event: Chaos Communication Congress 24th (24C3) 2007
Abstract: Biological engineering does not have to be confined to the laboratories of high-end industry laboratories. Rather, it is desirable to foster a more open culture of biological technology. This talk is an effort to do so; it aims to equip you with basic practical knowledge of biological engineering. Genetic engineering is now a thirty-year-old technology. For reference, over a similar period of time, modern computing machines went from exclusive objects used to design weapons of mass destruction, to the now ubiquitous panoply of personal computing devices that support mass communication and construction. Inspired by this and many other past examples of the overwhelmingly constructive uses of technology by individuals, we have been working over the past five years to develop new tools that will help to make biology easy to engineer. We have also been working to foster a constructive culture of future biological technologists, who can reliably and responsibly conceive, develop, and deliver biological technologies that solve local problems. This talk will introduce current best practice in biological engineering, including an overview of how to order synthetic DNA and how to use and contribute standard biological parts to an open source collection of genetic functions. The talk will also discuss issues of human practice, including biological safety, biological security, ownership, sharing, and innovation in biotechnology, community organization, and perception across many different publics. My hope is that the conferees of 24C3 will help me to understand how to best enable an overwhelmingly constructive hacker culture for programming DNA.

Here we see [Easton LaChappelle] getting a congratulatory handshake from the robotic arm he built. This project is aimed at human prosthetics, and we’re happy to report that [Easton] won second place in the Electrical and Mechanical engineering division of this year’s International Science and Engineering Fair (PDF listing the winners). In the video he gives [...]

Authors: Felix 'FX' Lindner
Tags: reverse engineering
Event: Chaos Communication Congress 27th (27C3) 2010
Abstract: The Reverse Engineer occasionally faces situations where even his most advanced commercial tools do not support the instruction set of an arcane CPU. To overcome this situation, one can develop the missing disassembler. This talk is meant to be a tutorial on how to approach the task, what to focus on first and what surprises one may be in for. The primary focus will be on the transformation of byte code back into mnemonic representation where only the reverse transformation is available (i.e. you have the respective assembler). It also covers how to integrate your new disassembler into your reverse engineering tool chain.

If you’re around the Washington, DC metro area next weekend, here’s something for you. It’s the USA Science and Engineering festival, and if you’ve ever wanted to talk to [Adam] and [Jamie] from Mythbusters, [Bill Nye], and several astronauts, this is where you should be next weekend. This is the second USA Science and Engineering [...]

Authors: Michael Steil
Tags: reverse engineering, hardware hacking
Event: Chaos Communication Congress 27th (27C3) 2010
Abstract: The MOS 6502 CPU, which was designed in 1975 and powered systems like the Apple II, the Atari 2600, the Nintendo NES and the Commodore 64 for two decades, has always been subject to intense reverse engineering of its inner workings. Only recently, the Visual6502.org project has converted a hi-res die-shot of the 6502 into a polygon model suitable for visually simulating the original mask at the transistor level. This talk will present the way from a chip package to a digital representation, how to simulate transistors in software, and new insights gained from this research about 6502 internals, like "illegal" opcodes. The presentation only requires a basic understanding of assembly programming and electronics, and is meant to teach, among other things, the methods of efficient and elegant chip design used in the early years of integrated CPUs. The talk consists of three parts. The first part, "6502 from top down", describes the programmer's model, as well as the basic layout of the components of the CPU. In the second part, "6502 from bottom up", we describe how to decap and photograph chips, convert each physical layer of the chip into a polygon model, and how to finally convert this into a network of wires and transistors suitable for logic simulation. The third part, "6502 from the inside out", explains the inner workings of the CPU: how the logic blocks work together, how an instruction is decoded by the PLA ROM into controlling these blocks and busses, and how details like interrupt delivery work. Finally, this information can be used to describe and explain undocumented behaviour, like illegal opcodes and crash instructions, and explain bugs like the BRK/IRQ race, the ROR bug and spurious reads and writes in certain situations.

Tags: social engineering
Event: Chaos Communication Congress 28th (28C3) 2011
Abstract: All the talks I saw about SE so far just showed what good SEs the speakers are. I try to do another approach: what if I get in and don't know what to do then? The talk is about the recon before the assessment and the different approaches of SE. Which techniques can one use, how to do proper intel, and what is useful. How things work and, more important, why. Which skill set should one have before entering an engagement. And last but not least, how does one counter an SE attack.

[Troy Wright] acquired a lot of twenty broken Dell Axim PDAs. This type of hardware was quite popular a decade ago, but looks archaic when compared to a modern cell phone. That’s why he was able to get them for a song. After a bit of work he managed to resurrect eight of the units, but was dismayed [...]

[Arpad] has spent quite a bit of time reverse-engineering a home automation system, and, as he is quick to point out, presents the information learned for informational purposes only. He’s really done his homework (and documented it well), looking into the US patent application, and figuring out how the protocol works. If you’re wondering how [...]

Little, no-name, 1.5 inch LCD photo key-chains are all over the place for practically nothing. Not too surprisingly these things do not vary much in the parts that they use: some flash RAM, a little LiPo battery and a 16-bit color LCD. Wanting to find a way to reuse that LCD [Simon] has [...]

Social engineering has been around for tens of thousands of years so it is time we approach the topic in a professional manner. The Social Engineering Vulnerability Evaluation and Recommendation (SEVER) Project is one way to help penetration testers become more consistent. It is also intended to be the best way to teach novices about [...]

[qDot] recently got his hands on a MyKeepon toy and after messing with it a bit, decided to tear it down to see what was inside. He had hopes of easily modding the toy, but like most adventures in hacking, things might take a while longer than he first imagined. In his teardown you can [...]

The Nike+ hardware is obviously an interesting device. We haven’t heard a whole lot about hacking one until now, but [Dimitry] has decided to change that. Many would assume that the data transmitted off of these sensors is quite simple, however there’s a bit more than meets the eye. Amongst other challenges, all the data [...]

Authors: Dale Pearson
Tags: social engineering
Event: Hashdays 2010
Abstract: Social Engineering is considered by many as a sort of magical art form in the Infosec world; some of the best at it must have Jedi-like powers to get into some of the places they do. The magic or art of SE is all about creating a situation that suggests you belong, and are perceived to be just like everyone else just going about your business. Some people have a natural flair for SE; they are good at building rapport and are generally likeable. People say that SE exists because of human stupidity and there is no patch for it, but what if you can understand why the human brain is susceptible? If you understand this better, can you be more successful in your SE exploits, and can you use this to educate and perhaps help apply that patch? During my talk I will discuss how I looked at methods and skills that can be learnt to better understand how the human brain works, and how it can be manipulated. This will take us on the journey and fun of looking at NLP patterns, mentalism and becoming a hypnotist myself. We will talk about why these skills can improve your success as a social engineer, as well as being more aware of being manipulated yourself.

[Bill the “Engineer Guy” Hammack] is back with another lesson in the science behind the technology we know and love, but might not fully understand. This time around he discusses fiber optic cabling and how it is used to relay data across distances both small and large. He starts off by showing how laser light [...]

[Fred] got a La Crosse wireless weather station as a gift and thought the LCD display was great, but he was dismayed that there was no means of extracting the temperature data for use on a computer. He thought that the modular design of the system would make it great for use in his home [...]

While not necessarily an easy thing to learn, the ability to reverse engineer embedded device firmware is an incredibly useful skill. Reverse engineering firmware allows you to analyze a device for bugs and vulnerabilities, as well as gives you the opportunity to add features if you happen to be so inclined. When it comes to [...]

[Sam Fok], an engineering student at the Washington University School of Engineering wrote in to share a project he and his classmates [Raphael Schwartz, Mark Wronkiewicz, Charles Holmes, Jessica Zhang, Nathan Brodell, and Thane Somers] have been working on as their entry in the 2011 RESNA Student Design Competition. Their project, IpsiHand, is designed to [...]

[Scott] was looking to source some LCD screens for an upcoming project, and was considering buying them from SparkFun. While the Nokia panels they sell are not expensive, they aren’t necessarily the cheapest option either – especially when building in volume. He searched around for something he could use instead, and settled on Blackberry screens. [...]

So you’re master of electrons; able to program multiple chip architectures without batting an eye. Good for you. The only problem is that blinking LEDs gets boring after a while and you’re going to want to do something else. Here’s a chance to expand on your physical construction skills. Make: Skill Set is sharing the [...]

Cats do what they want, which rarely coincides with what their owner wants them to do. In [Dumitru]’s case, his girlfriend’s cat [Pufu] tended to make it outside into the cold more often than desired. Rather than settle with the normal bell which gets obnoxious even when the cat isn’t misbehaving, he decided to put [...]

[Chr] picked up a pack of remote control outlets in order to reverse engineer them and build control into his own projects. These can be plugged into outlets around your house and a relay inside each module will switch whatever device is plugged into it after receiving a command from the remote. Once he cracked [...]

Occasionally when a device breaks, the defect is obvious. Whether it is a blown fuse or a defective capacitor, generally the easy to see stuff is easy to fix. When a problem is more subtle, or when doing some more advanced tasks like adding functionality to a device, greater knowledge about a circuit board is [...]

This electronic scarecrow keeps the birds away and makes your neighbors hate you at the same time. That’s because it’s way too loud, even if the next house is far away. The conrad.de folks that brought us the climbing bike storage device are at it again, putting together car audio and strings of lights as [...]

has been hard at work reverse engineering the charging method used by Apple products. This saga takes us through the years as new devices were released and subsequently broke Minty Boost’s charging capabilities. It seems the data lines were gradually adopted as a means for iPhones and iPods to identify the charger that had been [...]

Authors: Adam Meyers
Tags: reverse engineering
Event: Source Conference Boston 2010
Abstract: This session will introduce the concepts of exploit reverse engineering in support of incident response and/or post mortem analysis. Attendees will learn the tools and techniques required to take malicious exploit code and understand what it is targeting and how to identify and prevent future success against the enterprise. This will include a live demonstration of the techniques to reinforce how to reverse exploit code.

Authors: Felix Domke
Tags: reverse engineering, hardware hacking
Event: Chaos Communication Congress 26th (26C3) 2009
Abstract: JTAG is an industry standard for accessing testmode functionality in almost any complex microchip. While the basics of JTAG are standardized, the exact implementation details are usually undocumented. Nevertheless, JTAG often allows you to interact with the chip very deeply, which makes it very interesting since it is often easily accessible thanks to the small pincount. This talk covers reverse engineering of JTAG interfaces when no or only limited documentation is available. JTAG is an industry standard for accessing testmode functionality, and is available on almost any complex microchip. It is often used for functional testing while doing wafer sort, during board production, product development and service. While the basics of JTAG are standardized, the exact implementation details are usually not available in public datasheets. Very often, even when signing a vendor NDA, only limited parts of JTAG will be documented (like boundary scan and the CPU debug interface). JTAG, however, often allows a much deeper interaction with the chip, and often, security is falsely established through obscurity by providing undocumented testmodes. JTAG isn't only available on CPUs, but also on a lot of other peripherals, which turns them into an interesting target if they provide busmaster access to a system bus.

Authors: Florian Echtler
Tags: reverse engineering, hardware hacking
Event: Chaos Communication Congress 26th (26C3) 2009
Abstract: DisplayLink produces nice, useful USB graphics adapters. Unfortunately, they had no real Linux support. In this talk, we'll describe how we first reverse-engineered the encryption and basic protocol, prompting DisplayLink to actually release a Linux driver on their own. However, their driver still doesn't support compression. In the second part, we'll therefore describe how we reverse-engineered the compression algorithm.

Authors: Philippe Oechslin
Tags: reverse engineering, cryptography
Event: Chaos Communication Congress 26th (26C3) 2009
Abstract: Breaking good crypto is hard. It takes a genius to find a flaw in AES or Blowfish. On the other hand, it is also difficult to program cryptography correctly. Thus the simpler way of breaking a cryptographic software is often to reverse engineer it and find the crypto errors that were made by the programmers. In this talk the simple errors will be demonstrated that were discovered when reverse engineering three products for evaluation or forensic purposes. In each case, a simple error gave access to information that was supposed to be protected by the best crypto algorithms. The demos will be the following:
* the FIPS 142-3 level 2 certified MXI stealth USB key (before it got patched)
* a version of the E-capsule private safe from EISST
* Data Becker's now defunct Private Safe software
